Bug exposes OpenSSH servers to brute-force password guessing attacks

A bug in OpenSSH, the most popular software for secure remote access to UNIX-based systems, could allow attackers to bypass authentication retry restrictions and execute many password guesses. A security researcher who uses the online alias Kingcope disclosed the issue on his blog last week, but he only requested a public vulnerability ID to be assigned Tuesday. By default, OpenSSH servers allow six authentication retries before closing a connection and the OpenSSH client allows three incorrect password entries, Kingcope said.

The Importance of BGP NEXT_HOP in L3VPNs

In an MPLS network with L3VPNs, it’s very easy for the NEXT_HOP attribute of a VPN route to look absolutely correct but be very wrong at the same time. In a vanilla IP network, the NEXT_HOP can point to any IP address that gets the packets moving in the right direction towards the ultimate destination. In an MPLS network, the NEXT_HOP must get the packets moving in the right direction but it must also point to the exact right address in order for traffic to successfully reach the destination.

The reason it has to be exact is because IOS only assigns MPLS labels to the next hop address and not to each individual VPN route. So when an ingress PE needs to forward a packet from a CE across the MPLS network, the PE finds the label associated with the NEXT_HOP address and uses that as the outer label to get the packet to the egress PE.

Since each NEXT_HOP has a different label, that means each NEXT_HOP is reachable through a different Label Switched Path (LSP). Different LSPs can, and likely will, forward traffic differently through the network.

An MPLS label identifies a Forwarding Equivalence Class (FEC). A FEC is
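A small model of the ingress PE lookup described above, added here as an illustration and not taken from the original post. The addresses, labels and tables are constructed, and the model is deliberately simplified: a label exists only for the exact /32 FEC of each egress PE, so a NEXT_HOP that the IGP can reach but that has no label binding of its own yields no LSP even though the packets would "move in the right direction".

```python
import ipaddress

# Constructed label bindings on the ingress PE: FEC prefix -> outgoing (outer) label.
# Labels are bound to the next-hop addresses (egress PE loopbacks), not to VPN routes.
LFIB = {
    ipaddress.ip_network("10.255.0.2/32"): 1002,   # PE2 loopback (made-up value)
    ipaddress.ip_network("10.255.0.3/32"): 1003,   # PE3 loopback (made-up value)
}

# Constructed IGP RIB on the ingress PE: prefix -> egress interface.
# The /30 is reachable through the IGP in this model but has no label binding above,
# so a NEXT_HOP inside it looks fine to the IGP and still has no LSP.
IGP_RIB = {
    ipaddress.ip_network("10.255.0.2/32"): "Gi0/1",
    ipaddress.ip_network("10.255.0.3/32"): "Gi0/2",
    ipaddress.ip_network("10.1.2.0/30"): "Gi0/1",
}


def igp_reachable(next_hop):
    """Longest-prefix match in the IGP: is the NEXT_HOP reachable at all?"""
    ip = ipaddress.ip_address(next_hop)
    matches = [p for p in IGP_RIB if ip in p]
    return max(matches, key=lambda p: p.prefixlen) if matches else None


def outer_label(next_hop):
    """Transport label for a VPN route's NEXT_HOP, looked up by the exact /32 FEC.
    Returns None when this PE holds no binding for that address."""
    return LFIB.get(ipaddress.ip_network(f"{next_hop}/32"))


def forward_decision(vpn_prefix, next_hop):
    """Classify how the ingress PE can forward traffic for vpn_prefix via next_hop."""
    if igp_reachable(next_hop) is None:
        return (vpn_prefix, "unreachable", None)
    label = outer_label(next_hop)
    if label is None:
        # Reachable by plain IP routing, but no LSP: the VPN traffic cannot be label-switched.
        return (vpn_prefix, "reachable-but-no-LSP", None)
    return (vpn_prefix, "label-switched", label)


if __name__ == "__main__":
    for prefix, nh in [("172.16.10.0/24", "10.255.0.2"),
                       ("172.16.20.0/24", "10.1.2.2"),
                       ("172.16.30.0/24", "192.0.2.9")]:
        print(forward_decision(prefix, nh))
```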

EFF: Modify DMCA to protect independent research into car hacking

Car owners – in other words, almost everyone – were buzzing in a bad way yesterday about a report in Wired that showed two security experts demonstrating the ability to remotely commandeer and control a Jeep that was traveling on a highway. It was harrowing just to read about this sophisticated hack, never mind imagining the reality of finding oneself in such a situation. Whether coincidental or not, lawmakers are responding with calls to hold the auto industry to task.

Saving the Web, Saving Community (Heavy Topic Warning)

Is the ‘web losing its populist (and/or democratic) spirit? Hossein Derakhshan, at least, thinks so. He argues that the ‘web is dying because the hyperlink is dying —

The hyperlink was my currency six years ago. Stemming from the idea of the hypertext, the hyperlink provided a diversity and decentralisation that the real world lacked. The hyperlink represented the open, interconnected spirit of the world wide web… Blogs gave form to that spirit of decentralization: They were windows into lives you’d rarely know much about; bridges that connected different lives to each other and thereby changed them. Blogs were cafes where people exchanged diverse ideas on any and every topic you could possibly be interested in. … Since I got out of jail, though, I’ve realized how much the hyperlink has been devalued, almost made obsolete.

Much could be made of the argument that Hossein is just feeling the effects of being disconnected for six years. After being put in prison as a political dissident six years ago, he reappears on the scene only to find out the world has moved on without him. There are several points in his article that might indicate this — that he felt like

Senators propose bill to tighten vehicle security, privacy standards

Two U.S. senators today filed a bill that would require the federal government to establish standards to ensure automakers secure a driver against vehicle cyber attacks. The Security and Privacy in Your Car (SPY Car) Act, filed by Sens. Edward Markey (D-Mass.) and Richard Blumenthal (D-Conn.), also establishes a rating system — or "cyber dashboard" — that informs consumers about how well the vehicle protects drivers' security and privacy beyond the proposed federal minimum standards. "Drivers shouldn't have to choose between being connected and being protected," Sen. Markey said in a statement. "We need clear rules of the road that protect cars from hackers and American families from data trackers. This legislation will set minimum standards and transparency rules to protect the data, security and privacy of drivers in the modern age of increasingly connected vehicles."

The Upload: Your tech news briefing for Wednesday, July 22

Carmakers emerge winners in the bidding for Nokia Here

Nokia’s much-sought-after mapping assets, called Here, have apparently been won by a coalition of carmakers. Audi, BMW and Daimler will jointly purchase Nokia’s Here digital mapping service for roughly $2.7 billion, and they plan to invite other auto makers to take a stake in the company as well, multiple reports said on Tuesday. Uber reportedly dropped out of the bidding several weeks ago.

Senators propose bill to establish cyber security standard for cars

Online ad industry tries to stamp out click fraud

The online advertising industry is marshaling a fresh effort to fight click fraud, which steals money from advertisers and undermines faith in online campaigns. The latest effort is focused on automated traffic caused by bots from within data centers that is intended to trigger ad impressions, according to the Trustworthy Accountability Group (TAG), an industry body. TAG is going to initially use a blacklist maintained by Google that lists suspicious IP addresses of computers in data centers that may be trying to replicate human clicks on advertisements. Ad-focused technology companies, including Facebook and Yahoo, will also contribute.

White box Internet router PoC

SDN router using merchant silicon top of rack switch describes how the performance of a software Internet router could be accelerated using the hardware routing capabilities of a commodity switch. This article describes a proof of concept demonstration using Linux virtual machines and a bare metal switch running Cumulus Linux.
The diagram shows the demo setup, providing inter-domain routing between Peer 1 and Peer 2. The Peers are directly connected to the Hardware Switch and ingress packets are routed by the default (0.0.0.0/0) route to the Software Router. The Software Router learns the full set of routes from the Peers using BGP and forwards the packet to the correct next hop router. The packet is then switched to the selected peer router via bridge br_xen.

The following traceroute run on Peer 1 shows the set of router hops from 192.168.250.1 to 192.168.251.1:
[root@peer1 ~]# traceroute -s 192.168.250.1 192.168.251.1
traceroute to 192.168.251.1 (192.168.251.1), 30 hops max, 40 byte packets
1 192.168.152.2 (192.168.152.2) 3.090 ms 3.014 ms 2.927 ms
2 192.168.

AT&T’s acquisition of DirecTV appears headed for approval with conditions

AT&T’s acquisition of DirecTV appears headed for approval, with Tom Wheeler, chairman of the Federal Communications Commission, circulating to commissioners an order recommending approval, although with some conditions. The Department of Justice’s Antitrust Division also announced Tuesday that it will close its investigation into the around US$48 billion deal. Assistant Attorney General Bill Baer of the Antitrust Division said in a statement that the division had concluded that the combination of AT&T’s land-based Internet and video business with DirecTV’s satellite-based video business does not pose a significant risk to competition.

New York judge rules against Facebook in search warrant case

A New York judge ruled Tuesday that Facebook has no legal standing to challenge the constitutionality of search warrants served on its users, highlighting the limits to online companies’ abilities to protect user privacy. Last year, Facebook appealed a court decision requiring it to hand over data, including photos and private messages, relating to 381 user accounts. The data was sought as part of an investigation by the New York County District Attorney’s office into a disability fraud case. Other companies including Google and Microsoft filed briefs supporting Facebook’s move, as well as the American Civil Liberties Union.

Five arrested in JPMorgan hacking case

U.S. law enforcement officials have arrested five individuals who reportedly were involved in the high-profile 2014 computer hacking of JPMorgan. Three of the individuals were arrested for stock manipulation while the other two were arrested for running an illegal Bitcoin exchange, according to the FBI.

In Q2, Yahoo spent a pretty penny to achieve unusual growth

Yahoo reported on Tuesday an uncharacteristic rise in revenue for the second quarter, but it came with a hefty sum spent on boosting its search traffic. Total sales for the period ending June 30 were US$1.24 billion, up 15 percent from the previous year. In the company’s announcement, CEO Marissa Mayer called it the most substantial growth in revenue in nearly nine years. Yahoo’s revenue from search ads and display ads both grew, at rates of 22 percent and 15 percent, respectively. It would appear that Mayer’s efforts to turn around the struggling Internet portal have begun to pay off. Yahoo has struggled in recent years to grow its ad sales and attract users to its various online properties.
